Report Overview
- Visited public2024-11-03 05:43:39Tags
- URL
d552lcnlgbcqg.cloudfront.net/V0yS/KvtvLvoxq/FDF2Smh/logitech-gaming-software-9.04.49-installer.exe
- Finishing URL
about:privatebrowsing
- IP / ASN
108.157.232.56#16509 AMAZON-02
Titleabout:privatebrowsing
Domain Summary
| Domain / FQDN | Rank | Registered | First Seen | Last Seen | Sent | Received | IP |
|---|---|---|---|---|---|---|---|
| d552lcnlgbcqg.cloudfront.net | unknown | 2008-04-25 | 2024-10-13 | 2024-10-27 | 552 B | 4.4 MB | 143.204.42.11 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
Threat Detection Systems
Public InfoSec YARA rules
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2024-11-03 | medium | d552lcnlgbcqg.cloudfront.net/V0yS/KvtvLvoxq/FDF2Smh/logitech-gaming-software-9.04.49-installer.exe | meth_get_eip |
| 2024-11-03 | medium | d552lcnlgbcqg.cloudfront.net/V0yS/KvtvLvoxq/FDF2Smh/logitech-gaming-software-9.04.49-installer.exe | pe_detect_tls_callbacks |
OpenPhish
No alerts detected
PhishTank
No alerts detected
Mnemonic Secure DNS
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
Files detected
URL
d552lcnlgbcqg.cloudfront.net/V0yS/KvtvLvoxq/FDF2Smh/logitech-gaming-software-9.04.49-installer.exe
IP
143.204.42.11ASN
#16509 AMAZON-02
File type
PE32 executable (GUI) Intel 80386, for MS Windows, 5 sections
Size
4.4 MB (4443064 bytes)
Hash
53e8ba5d0383c919e1318fb44435ca6c
33a36729ad0f1846d3602cd7cd73e546277c545c
Detections
| Analyzer | Verdict | Alert |
|---|---|---|
| YARAhub by abuse.ch | malware | meth_get_eip |
| YARAhub by abuse.ch | malware | pe_detect_tls_callbacks |
JavaScript (0)
HTTP Transactions (1)
| URL | IP | Response | Size | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
d552lcnlgbcqg.cloudfront.net/V0yS/KvtvLvoxq/FDF2Smh/logitech-gaming-software-9.04.49-installer.exe | 143.204.42.11 | 200 OK | 4.4 MB | ||||||||||
Detections
HTTP Headers
| |||||||||||||